cpython

mirror of https://github.com/python/cpython.git synced 2026-01-28 05:35:31 +00:00

History

Miss Islington (bot) 857efee6d2

[3.9] gh-98517: Fix buffer overflows in _sha3 module (GH-98519) (#98526 )

This is a port of the applicable part of XKCP's fix [1] for
CVE-2022-37454 and avoids the segmentation fault and the infinite
loop in the test cases published in [2].

[1]: fdc6fef075
[2]: https://mouha.be/sha-3-buffer-overflow/

Regression test added by: Gregory P. Smith [Google LLC] <greg@krypto.org>
(cherry picked from commit 0e4e058602d93b88256ff90bbef501ba20be9dd3)

Co-authored-by: Theo Buehler <botovq@users.noreply.github.com>

2022-10-28 12:08:06 +02:00

clinic

bpo-9216: Add usedforsecurity to hashlib constructors (GH-16044)

2019-09-12 19:30:00 -05:00

kcp

[3.9] gh-98517: Fix buffer overflows in _sha3 module (GH-98519) (#98526 )

2022-10-28 12:08:06 +02:00

cleanup.py

…

README.txt

…

sha3module.c

[3.9] bpo-36515: Disable unaligned memory access in _sha3 on ARM (GH-25927) (GH-25928)

2021-05-06 08:55:35 +02:00

README.txt

Keccak Code Package
===================

The files in kcp are taken from the Keccak Code Package. They have been
slightly to be C89 compatible. The architecture specific header file
KeccakP-1600-SnP.h ha been renamed to KeccakP-1600-SnP-opt32.h or
KeccakP-1600-SnP-opt64.h.

The 64bit files were generated with generic64lc/libkeccak.a.pack target, the
32bit files with generic32lc/libkeccak.a.pack.